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BACKGROUND OF THE INVENTION 

15 

The present invention relates generally to a Web technology and more particularly 
to methods and apparatus for proxy server cookies. 

Cookies have been used in the World Wide Web (Web) to track a visitor's session 
state. However, many browsers running on devices with limited memory capacity do not 
20 or cannot accept cookies. Also, for privacy reasons, many browsers also disable cookie 
handling mechanisms of their browsers. As a result, these browsers cannot access web 
pages that mandate cookie handling. 

Thus there is a need for an alternative method to handle cookies in the Web. 

25 SUMMARY 

The present invention is on methods and apparatus that can handle cookies for 
devices with limited memory capacity. 
30 In one embodiment, this is done by a server, which centralizes cookie handling 

for browsers on a number of clients. Not only does the invention solve the problems of 
browsers that cannot handle cookies, the invention also protects the privacy of surfers by 
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hiding their identities. 



DETAILED DESCRIPTION OF THE INVENTION 



One embodiment of the present invention is based on the concept of dynamic 
session, which starts when a browser sends a fresh request to a proxy server to access 
information on the Web. 

In the present invention, the Web is defined as a network of computers that publish 
information using a standard protocol, such as HTTP, FTP or TCP/IP. A dynamic session 
is defined as a request that the proxy server has no prior memory of 



same session, all embedded links in the response page can then be stamped with the same 
session id. A\sessioned request is defined as a request that has session id information in 
addition to the Request itself The proxy server can relate a sessioned request to a session 
via the session id The session continues as long as the user stays in the links of the first 
page or pages generated from links in the first page. A session expires when its age reaches 
the lifetime set byVhe server. The session lifetime can be configurable through a 
configuration parameter. Due to the dynamic nature of the session, users do not have to log 
into the proxy server that provides centralized cookie handling services. Same user can start 
multiple sessions at the san^e time. 

In one embodiment, a client sends a fresh request for a particular URL to the proxy 
server. The proxy server first checks the request header to determine whether the browser 
of the client is capable of handling cookies. If the browser accepts cookies, and if the 
browser does not intend to disable cookie-handling capabilities, the proxy server would not 
provide cookie service. Otherwise, the proxy server first generates a session id to identify 
the new session. 

The proxy server then sends the request to the targeted external web site to get the 




ien a new session is started, a unique session id can be generated. Within the 
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corresponding page. After getting the response page, the proxy server first strips off any 
cookies set by the external web site from the response header. The cookies, owned by a 
particular session and identified by the session id, are typically stored in a cookie repository 
for subsequent requests within the session. 

In one embodiment, the session id, or its encoded or encrypted version, is in a 
configuration of a URL, or an address the web browser recognizes. 

The proxy server then appends the session id or its encoded or encrypted version 
to all of the links embedded in the response page. Then, the proxy server sends the modified 
response page, with the new header, to the corresponding client. 



In one embodiment, when a sessioned request is received, the proxy first retrieves 
and stripeb off the session id from the request URL. The session id and the URL are then 
used to retrieve the cookies from the cookie repository. The proxy then uses the cookies 
retrieved to generate a cookie header. The new cookie header is then appended to the 
original requek header. The session information is removed from the URL. The request 
is then sent to the external web site to fetch the page. After receiving the page from the 
external web siteVthe same procedure as that of handling a fresh request is used to process 
the header and the page. 
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